
Cloud compromise a doddle for threat actors as victims attest


Two separate studies into the state of public cloud security reveal insight into the ease with which threat actors can compromise vast numbers of targets, plus some of the challenges security teams are facing in the cloud.

Alex Scroxton


Published: 13 Sep 2022 15:45

It typically takes just three steps for a threat actor to infiltrate a target cloud environment and move on to its crown jewel assets, and as a result, vast numbers of organisations are experiencing cloud security incidents, with at least 80% reporting a severe incident in the past 12 months.

That is according to two different reports on the state of cloud security released today by sector specialists Orca Security and Snyk, both of which reveal fresh insight into the cyber risks and challenges brought to the fore by widespread cloud adoption, and how security teams are grappling with them.

Orca’s report, published by its aptly named Research Pod, analyses workload and configuration data captured from vast numbers of assets on AWS, Azure and Google Cloud in the first seven months of 2022, to identify where gaps exist and what security teams can do to fill them.

Aside from the concerning fact that a threat actor needs only to chain three connected and exploitable weaknesses in a cloud environment to wreak potentially terminal havoc, Orca found a large proportion (78%) of the attack paths began with a known common vulnerability or exposure (CVE) as the initial vector, suggesting organisations are, as ever, failing woefully to patch appropriately.

In addition, it found that organisations continue to leave their cloud storage assets, such as AWS S3 Buckets and Azure Blobs, completely exposed to the public internet, and are not implementing basic security measures such as multi-factor authentication (MFA), encryption and port scanning.

Furthermore, Orca found that organisations tend to overlook cloud-native services, likely because even though they are easy to spin up, they need regular oversight and configuration.

Some 58% of organisations have serverless functions with unsupported runtimes, and 70% have a publicly accessible Kubernetes API.

Avi Shua, CEO and co-founder of Orca, said: “The security of the public cloud not only depends on cloud platforms providing a safe cloud infrastructure, but also very much on the state of an organisation’s workloads, configurations and identities in the cloud.

“There’s still much work to be done in this area, from unpatched vulnerabilities and overly permissive identities, to storage assets being left wide open. It is important to remember, however, that organisations can’t ever fix all risks within their environment. They simply don’t have the manpower to get this done. Instead, organisations should work strategically and make sure that the risks that endanger the organisation’s most significant assets are always patched first.”

Besides its headline statistic that four-fifths of organisations have experienced a severe cloud security incident, be it a data breach, leak or intrusion, in the past 12 months, Snyk’s report also found that 58% of respondents felt cloud-based risk was likely to grow within the next 12 months, and 25% were worried that they had recently suffered a cloud data breach but were unaware of it.

Snyk also found evidence of some scepticism about cloud-native approaches, with 41% saying they introduced more complexity and complication to their efforts around security, particularly when it comes to training and collaboration, and usage of engineering resources.

However, where respondents had worked to boost their cloud security, they found multiple benefits, including increased collaboration, enhanced productivity and faster innovation.

“This new research should serve as a wake-up call that our collective cloud security risk is universal and can only continue to grow if we double down on outdated approaches and legacy tools,” said Josh Stella, vice-president and chief architect at Snyk.

“The outlook isn’t entirely dire, however, because the data also clearly reveals that shifting cloud security left and embracing DevSecOps collaboration makes it possible for global organisations to keep their current pace of innovation more securely.”

Snyk’s report was based on a survey of more than 400 cloud engineering and security practitioners, as well as leaders from various organisation types and industries.
